package com.test.shiro.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

@Controller
//@RequestMapping("/user")
public class LoginController {

    @GetMapping("/login")
    public String loginPage(){
        return "login";
    }

    @GetMapping("/main")
    public String toMain(){
        return "main";
    }

    @PostMapping("/userLogin")
    public String userLogin(String username,String password,Boolean rememberMe){
        System.out.println(username+":"+password);
        Subject subject=SecurityUtils.getSubject();
        AuthenticationToken authenticationToken=new UsernamePasswordToken(username,password,rememberMe);
        try {
            subject.login(authenticationToken);
            return "redirect:/main";
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            return "账号不存在";
        }catch (IncorrectCredentialsException e){
            e.printStackTrace();
            return "密码错误";
        }catch (AuthenticationException e){
            e.printStackTrace();
            return "权限不足";
        }
    }


}
